CAISS hosted their first talk in the 2024/2025 autumn/winter speaker series with Dr Suzanne McClure from Exeter University in October. Suzanne discussed some of the findings from the Attitudes Surrounding Data project which is being run in conjunction with Dstl and the Defence Data Research Centre (DDRC). This work is part of the research activities exploring the challenges facing contemporary organisations to provide confidential data that is available when needed, and is trustworthy. One of the primary objectives of the Defence Artificial Intelligence Strategy (2022) is to transform Defence into an “AI-ready organisation”. Existing research has suggested that one of the crucial ways to make organisations ‘AI ready’ is ensuring that data is secure, accessible, and reliable (Jöhnk, J., Weißert, M., & Wyrtki, K. 2021). Using Lego Serious Play® as a methodology, understanding barriers within organisations to better use of data and being ‘AI ready’ was explored. Specifically, the research from the workshops explored data flows, data security, and data privacy issues. The findings of the workshops will provide guidance for best practice in managing processes such as data wrangling and optimising how organisations use data.
Access to data is a common concern, as are frustrations with policies, processes, and practices, but this is often tempered by an understanding of security requirements and potential risks. This research demonstrated the utility of using creative methods such as Lego® based workshops to positively engage with participants about their data, a topic which might otherwise be considered somewhat dry. In terms of implications for Defence, it is simultaneously concerning that so many participants across different sectors of the UK economy experience issues with data access. Conversely, it was positive that many understood the importance of good data security and the risks posed by hostile actors and poor practice. It is important to caveat these findings with an important disclaimer that this research largely engaged with those who might be defined as ‘digital professionals’ who actively use data in their professional lives. These findings are important; however, they should be tempered by the findings of other contemporary research which has suggested that 59% of the UK workforce lacks basic digital skills as per the definitions of the UK government (Yates et al, 2024). The workshops were undertaken in a number of different organisations from the public and private sectors including academia. Using Lego to investigate, the discussions were centred around the concepts of confidentiality, integrity, and the availability of data. Also investigated were some of the key relationships between the security and accessibility of data, organisational working processes and practices, processes practices and accessibility, and security and risk.
So What?: Data is a key challenge for UK organisations operating within a complex policy landscape. This has serious implications for national security and Defence.
The workshops identified a number of common patterns and issues that reflect the stated priorities of existing UK policy. Future research might also seek to engage with those who do not necessarily work as digital professionals but are likely to increasingly need digital skills to use data in the future. Currently work is on-going to engage individuals within the Defence community, in both civilian and military roles, to get a further grasp on the role and importance of data to the UK’s national security.
Three main takeaways from the workshops were: Data Access – discussion consistently revolved around data access and availability, and frequently, how this could be improved. Data quality issues – discussions also touched upon data quality, with participants expressing concerns around issues like the poor quality of older data. Thirdly – the importance of good security and the link to associated risks. Both the workshop discussions and the policy extensively addressed the importance of secure data practices, and the risks posed by hostile or malicious actors.
Full reports can be viewed on the DDRC website here: DDRC.uk